nixCraft
Restricting Port forwarding in SSH server
This is a discussion on Restricting Port forwarding in SSH server within the Networking, Firewalls and Security forums, part of the Mastering Servers category; People, Hope you all know about SSH port forwarding. I have been wondering about how can we restrict SSH port ...
|
|||||||
| Register | FAQ | Members List | Calendar | Mark Forums Read |
06-12-2007, 05:38 PM
|
|||
|
|||
Restricting Port forwarding in SSH server
People,
Hope you all know about SSH port forwarding. I have been wondering about how can we restrict SSH port forwarding. I have seen a gateway-login server which allows forwarding to a particular host/port only. What I mean by this is that this particular ssh-server allows port forwarding to an IMAP port on an email server in the internal network. Ppl who want to check their emails just login to the gateway and they can set their IMAP server address as localhost:24443 which gets redirected to thatserver:443 This is a bit odd as we can do forwarding to only the email-server/IMAP port and nothing else. When I try to do a port forward to some other machine / other port, it just doesn't happen. #man sshd_config doesn't have any information about restricting portforwardings. Any clue? ricc 
|
| Sponsored Links | ||
|
|
|
06-12-2007, 08:13 PM
|
||||
|
||||
|
Some commercial server implementations do have options like
AllowForwardingPort number DenyForwardingPort number AllowForwardingTo 3000 DenyForwardingTo 8080 However latest version of OpenSSH comes with permitopen="host  ort"It will limit local ssh –L port forwarding such that it may only connect to the specified host and port. For example, if you want to allow port forwarding to a remote imap server called "server.nixcraft.in", add permitopen="server.nixcraft.in:143". See man page for example.
|
|
08-07-2008, 08:14 PM
|
|||
|
|||
|
restricting access on remote ports
Hi, is there a way to restrict remote port forwarding ports (-R) for a single user?
|
 |
| Bookmarks |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How to open a port | fed111 | Web servers | 1 | 03-08-2008 11:26 PM |
| HELP! Port Monitoring! | sunburn | Shell scripting | 1 | 02-11-2008 01:46 PM |
| Port forwarding | satimis | Networking, Firewalls and Security | 0 | 02-02-2008 07:45 AM |
| Restricting mail traffic | bubloob_13 | Linux software | 1 | 01-09-2007 03:32 PM |
| forwarding requests to another ip using IPTABLES | ranjanjajodia | Linux software | 2 | 03-17-2005 07:34 PM |
All times are GMT +5.5. The time now is 05:32 AM.
